https://pulumi.com logo
Powered by
#getting-started
Title
# getting-started
r

rapid-belgium-4304

11/16/2023, 7:21 AM
Hey guys, I'm a bit frustrated with the 
dial tcp: lookup
error, as it does not seem to be indicative of the actual problem. All my pulumi projects stopped working today with this error. Worked earlier in the day. FWIW I did do a 
brew upgrade
Copy code
* configuring Terraform AWS Provider: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, https response error StatusCode: 0, RequestID: , request send failed, Post "<https://sts.us-east-1.amazonaws.com/>": dial tcp: lookup <http://sts.us-east-1.amazonaws.com|sts.us-east-1.amazonaws.com> on 192.168.0.1:53: no such host
How do I debug this and understand the actually problem? This works fine:
Copy code
aws-vault exec {env} -- aws sts get-caller-identity
This fails, but had been working fine to date for months, no changes (other than updating outdated brew packages)
Copy code
aws-vault exec {env} --no-session -- pulumi up --stack {stack}
s

stale-answer-34162

11/16/2023, 2:49 PM
refresh your amazon credentials
r

rapid-belgium-4304

11/16/2023, 4:33 PM
How do I refresh my AWS credentials? I was under the impression that that is exactly was 
aws-vault
is doing, generating new temporary credentials for AWS. Do you mean something else?
s

stale-answer-34162

11/16/2023, 4:34 PM
ask chatgpt
r

rapid-belgium-4304

11/16/2023, 4:36 PM
aws sts get-caller-identity
indicate my credentials are working just fine. If you mean something else, then you should explain what you mean.
s

stale-answer-34162

11/16/2023, 4:36 PM
again you can ask chatgpt. I'm not going to solve this for you.
r

rapid-belgium-4304

11/16/2023, 4:40 PM
Your trolling is unhelpful.
It works with classic AWS credentials. Pulumi, not getting Pulumi working with 
aws-vault
v7.2.0 on Mac Sonoma 14.1.1. See above error.
Not the first time things not working with AWS temporary session credentials from 
aws-vault
, can you guys please test with this? Modern infosec practices even Amazon's own recommendations prohibit AWS classic credentials.
It's not strictly that it isn't working with 
aws-vault
, there's something much more fragile with how it's acquiring AWS credentials. It's very easy to break. Some debugging on your part is in order. Is the Go pulumi package more reliable than the Node packages?
This is clearly erroneous. Rather than stop and throw here, determining the actual error is a good start:
Copy code
dial tcp: lookup sts.us-east-1.amazonaws.com on 192.168.0.1:53: no such host
g

gifted-gigabyte-53859

11/17/2023, 12:50 AM
@rapid-belgium-4304 I was having a weird issue very simliar to this yesterday, but it's now resolved. Maybe it works for you now? At first I thought it was my internet connection but now I'm not so sure. Perhaps intermittent pulumi outage or some weird internet routing issue.
Like you said, it's not the first time I've had cases where Pulumi didn't work but raw aws cli works
r

rapid-belgium-4304

11/17/2023, 1:24 AM
i/o timeout
-- different error, but yes, if AWS CLI works then exactly what does Pulumi (or Terraform) require that acts differently then the AWS CLI.
s

salmon-account-74572

11/17/2023, 8:57 PM
We just opened an issue on this, can you all chime in on what you’ve been seeing to help us track down what’s going on? https://github.com/pulumi/pulumi-aws/issues/3023
r

rapid-belgium-4304

11/21/2023, 2:28 AM
I have no solution to this problem. This is a show-stopper.
Occurs now with just classic AWS CLI credentials. Problem is persistent enough that it's no longer possible to use pulumi, and not persistent just enough to know that it's not a configuration error. For example, 
preview
worked one time out of a dozen attempts, 
up
and yet to work again.
My only reliable fix is to run 
pulumi
in a docker image.
s

salmon-account-74572

11/27/2023, 4:39 PM
@rapid-belgium-4304 If you haven’t already, can you weigh in on the issue linked above and/or upvote it?
Powered by